[bdNOG] Linux based free Network Traffic Analyzer

Brian Candler brian at nsrc.org
Mon Feb 22 14:33:35 BDT 2016


On 22/02/2016 07:10, Mirza Rakib wrote:
>
> I would like to monitor a few sources and destinations for 2/3 weeks to 
> check whether those connections are required or not. In this case, I 
> need some reporting in Excel or PDF format.
>
> There are a few tools running on Windows, like NetQoS, that can do that. 
> But I do not have any Windows platform for that. Are there such options 
> in your suggested tool? As far as I can see, only a CLI output option is 
> there. I need to monitor and store data for further analysis.
>
As already suggested, the combination of nfdump+nfsen should do what you 
need.

nfdump has a capture component (nfcapd) which accepts netflow records 
and stores them to disk for further analysis, exactly as you require. 
Then the nfdump tool reads those records and can write them out as plain 
text, optionally filtering or summarising them in ways you specify (e.g. 
grouping by source or destination IP address). It can output in CSV 
format, so importing the output into a spreadsheet is pretty simple.

Of course, you need to learn how to use the command line flags to 
nfdump. However, if you also install the web interface (nfsen) then for 
any reports it generates it also shows the nfdump flags it used. nfsen 
can also plot mrtg-style graphs of your traffic based on filter 
conditions you define.

There are some introductory presentations and exercises linked from the 
"Thursday" section of
https://nsrc.org/workshops/2015/wacren-nmm/wiki/Agenda
and some additional exercises (e.g. port tracker) linked from
https://nsrc.org/workshops/2015/ripe-nsrc-nmm/wiki/Agenda

HTH,

Brian Candler.
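
Added example, not part of the original message: a Python sketch that turns CSV exported with `nfdump -o csv` into a per-pair usage report for a spreadsheet, including watched pairs that never appeared. The sample records, the watched pairs and the column names (`ts`, `te`, `sa`, `da`, `ibyt`) are assumptions; check them against the header your nfdump version prints.

```python
import csv
import io

# Constructed sample shaped like `nfdump -o csv` output; column names assumed.
SAMPLE = """\
ts,te,td,sa,da,sp,dp,pr,ipkt,ibyt
2016-02-01 09:00:01,2016-02-01 09:00:05,4.000,192.0.2.10,198.51.100.5,51514,443,TCP,12,4200
2016-02-03 11:20:00,2016-02-03 11:20:09,9.000,192.0.2.10,198.51.100.5,51720,443,TCP,30,18000
2016-02-02 02:15:44,2016-02-02 02:15:44,0.000,192.0.2.11,203.0.113.9,40000,22,TCP,1,60
Summary
flows,bytes,packets,avg_bps,avg_pps,avg_bpp
3,22260,43,0,0,517
"""

# Hypothetical source/destination pairs under review.
WATCHED = [("192.0.2.10", "198.51.100.5"), ("192.0.2.11", "203.0.113.9"),
           ("192.0.2.12", "198.51.100.5")]

def summarise(csv_text, watched):
    """Aggregate flows per watched (src, dst) pair; unseen pairs stay at zero."""
    stats = {p: {"flows": 0, "bytes": 0, "first": "", "last": ""} for p in watched}
    reader = csv.reader(io.StringIO(csv_text))
    header = next(reader)
    col = {name: i for i, name in enumerate(header)}
    for row in reader:
        if len(row) != len(header):
            break  # blank line or "Summary" trailer ends the flow records
        s = stats.get((row[col["sa"]], row[col["da"]]))
        if s is None:
            continue  # not a pair we are reviewing
        s["flows"] += 1
        s["bytes"] += int(row[col["ibyt"]])
        # "YYYY-MM-DD HH:MM:SS" strings sort chronologically
        s["first"] = min(s["first"] or row[col["ts"]], row[col["ts"]])
        s["last"] = max(s["last"], row[col["te"]])
    return stats

def report(stats):
    """Render the summary as CSV text that a spreadsheet can open."""
    out = io.StringIO()
    w = csv.writer(out, lineterminator="\n")
    w.writerow(["src", "dst", "flows", "bytes", "first_seen", "last_seen", "status"])
    for (src, dst), s in stats.items():
        w.writerow([src, dst, s["flows"], s["bytes"], s["first"], s["last"],
                    "in use" if s["flows"] else "no traffic seen"])
    return out.getvalue()

if __name__ == "__main__":
    print(report(summarise(SAMPLE, WATCHED)), end="")
```

A pair reported as "no traffic seen" only means no flow was exported for it during the capture window, so the window has to cover the full 2/3 weeks before a connection is judged unnecessary.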

